summaryrefslogtreecommitdiff
path: root/palemoon/debian
diff options
context:
space:
mode:
Diffstat (limited to 'palemoon/debian')
-rw-r--r--palemoon/debian/changelog81
-rw-r--r--palemoon/debian/control5
-rw-r--r--palemoon/debian/mozconfig1
-rw-r--r--palemoon/debian/mozconfig-unstable55
-rw-r--r--palemoon/debian/palemoon_devuan.dsc4
-rwxr-xr-xpalemoon/debian/rules9
6 files changed, 134 insertions, 21 deletions
diff --git a/palemoon/debian/changelog b/palemoon/debian/changelog
index 192aad6..0d57595 100644
--- a/palemoon/debian/changelog
+++ b/palemoon/debian/changelog
@@ -1,3 +1,58 @@
+palemoon (28.11.0-1+devuan) obs; urgency=medium
+
+ * This is a development, bugfix and security update.
+ - Changed storage format for certificates and passwords to SQLite.
+ - Added a preference (browser.tabs.insertAllAfterCurrent) to enable
+ always adding new tabs after the current tab, whether related or not.
+ - Changed the way Firefox extensions are displayed in the add-on
+ manager (provide a clear warning).
+ - Denied other types of add-ons that aren't explicitly targeting
+ Pale Moon's ID.
+ - Improved the browser's DPI-awareness to be per-monitor instead of
+ system-wide, on supported Windows operating systems.
+ - Updated bookmark backups code with the other half of what should
+ have been done way back when, so they work fully as-intended.
+ - Added a preference
+ (browser.bookmarks.editDialog.showForNewBookmarks) to enable
+ immediately showing the edit dialog for new bookmarks.
+ - If set to true, clicking the star in the address bar will pop
+ open the edit dialog immediately for changing details/sorting.
+ - Fixed the useragent string in native mode, and updated UA code to
+ properly respond to live changes to some preferences.
+ - Tidied up front-end browser JavaScript.
+ - Changed the way sources are compiled (on-going de-unification).
+ - Improved compatibility with gcc v10
+ - Removed support for the obsolete and unmaintained NVidia 3DVision
+ stereoscopic interface.
+ - Fixed some build issues in non-standard configurations.
+ - Fixed wrong positions when calculating the position for
+ position:absolute child inside a table.
+ - Aligned file name extension of saved url files with other
+ applications (lower case)
+ - Fixed building with --disable-webspeech (to disable speech
+ synthesis)
+ - Added global menubar support for GTK.
+ - Implemented node.getRootNode
+ - Implemented AbortController (Abort API)
+ - Improved the uninstaller to use elevation when prudent and
+ actually remove program files.
+ - Fixed a rare issue with editable page content.
+ - Fixed a crash related to ES module scripts.
+ - Aligned ES module scripting better with the current spec and
+ removed eager instantiation.
+ - Fixed a potential issue with the JPEG encoder. (CVE-2020-12422)
+ DiD
+ - Fixed a potential issue with AppCache manifests. DiD
+ - Fixed a potential crash in JavaScript date parsing.
+ - Fixed a problem with RSA key generation that would make it
+ potentially vulnerable to side-channel attacks. (CVE-2020-12402)
+ - Fixed a potential crash due to multithread race condition. DiD
+ - Fixed a correctness issue in URL handling. (CVE-2020-12418) DiD
+ - Unified XUL Platform Mozilla Security Patch Summary: 2 fixed, 4
+ defense-in-depth, 10 not applicable.
+
+ -- Ben Stack <bgstack15@gmail.com> Tue, 14 Jul 2020 14:28:53 -0400
+
palemoon (28.10.0-1+devuan) obs; urgency=medium
* This is a development, bugfix and security update.
@@ -755,7 +810,7 @@ palemoon (28.1.0~repack-1) obs; urgency=medium
- Fixed toolbar styling in toolkit themes.
- Fixed viewing the source of a selection.
- * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and
+ * Now has full support for gcc-8, so stop forcing gcc-7 build on Buster and
recent Ubuntus where gcc-8 is default.
-- Steven Pusser <stevep@mxlinux.org> Mon, 17 Sep 2018 19:05:20 -0700
@@ -834,8 +889,8 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium
- Prevented various location-based threats. DiD
- Fixed a potential vulnerability with plugins being redirected to different
origins (CVE-2018-12364).
- - Improved the security check for launching executable files
- (by association) on Windows from the browser. For users who have (most
+ - Improved the security check for launching executable files
+ (by association) on Windows from the browser. For users who have (most
likely accidentally) granted a system-wide waiver for opening these kinds
of files without being prompted, this permission has been reset.
- Fixed an issue with invalid qcms transforms (CVE-2018-12366).
@@ -852,13 +907,13 @@ palemoon (27.9.4~repack-1~mx17+1) mx; urgency=medium
palemoon (27.9.3~repack-1~mx17+1) mx; urgency=medium
* New upstream security update:
-
+
- Changes/fixes:
- - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to
- that report, the libopus maintainers state they don't believe remote
+ - (CVE-2017-0381) Ported a patch from libopus upstream. Note, contrary to
+ that report, the libopus maintainers state they don't believe remote
code execution was possible, so this was not a critical patch.
- Fixed an issue with task counting in JS GC.
- - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks
+ - Fixed a use-after-free in DOMProxyHandler::EnsureExpandoObject (thanks
to Berk Cem Göksel for reporting).
-- Steven Pusser <stevep@mxlinux.org> Tue, 12 Jun 2018 11:12:06 -0700
@@ -871,18 +926,18 @@ palemoon (27.9.2~repack-1~mx17+1) mx; urgency=medium
- We changed the language strings for softblocked items so people will cry
less when we do our job.
- (CVE-2018-5174) Prevent potential SmartScreen bypass on Windows 10.
- - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly
- rendering some Unicode characters, allowing for the file name to be
- spoofed. This could be used to obscure the file extension of potentially
+ - (CVE-2018-5173) Fixed an issue in the Downloads panel improperly
+ rendering some Unicode characters, allowing for the file name to be
+ spoofed. This could be used to obscure the file extension of potentially
executable files from user view in the panel.
- (CVE-2018-5177) Fixed a vulnerability in the XSLT component leading to a
buffer overflow and crash if it occurs.
- - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia
+ - (CVE-2018-5159) Fixed an integer overflow vulnerability in the Skia
library resulting in possible out-of-bounds writes.
- (CVE-2018-5154) Fixed a use-after-free vulnerability while enumerating
attributes during SVG animations with clip paths.
- - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
- conversion within JavaScript with extremely large amounts of data. This
+ - (CVE-2018-5178) Fixed a buffer overflow during UTF8 to Unicode string
+ conversion within JavaScript with extremely large amounts of data. This
vulnerability requires the use of a malicious or vulnerable extension in
order to occur.
- Fixed several stability issues (crashes) and memory safety hazards.
diff --git a/palemoon/debian/control b/palemoon/debian/control
index e9fa32b..862f239 100644
--- a/palemoon/debian/control
+++ b/palemoon/debian/control
@@ -8,7 +8,6 @@ Build-Depends: debhelper (>= 12),
autoconf2.13,
libasound2-dev,
libdbus-glib-1-dev (>= 0.60),
- libfontconfig-dev,
libgconf2-dev (>= 1.2.1),
libgtk2.0-dev (>= 2.14),
libssl-dev,
@@ -21,8 +20,6 @@ Build-Depends: debhelper (>= 12),
unzip,
yasm (>= 1.1),
zip,
- zlib1g-dev,
-# libfontconfig-dev only added for Debian OBS which is choking as of 2020-04 on libfontconfig-dev | libfontconfig1-dev for deps: libgtk-3-dev, libpango1.0-dev, libcairo2-dev, libxft-dev
Standards-Version: 3.9.6
Homepage: http://www.palemoon.org/
@@ -30,7 +27,7 @@ Package: palemoon
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends},
libavcodec54 | libavcodec-extra54 |libavcodec55 | libavcodec-extra55 | libavcodec56 | libavcodec-extra56 | libavcodec57 | libavcodec-extra57 | libavcodec58 | libavcodec-extra58 | libavcodec-ffmpeg56 | libavcodec-ffmpeg-extra56
-Provides: x-www-browser
+Provides: gnome-www-browser, www-browser, x-www-browser
Conflicts: palemoon-nonsse2
Replaces: palemoon-nonsse2
Description: Firefox-based, efficient and easy to use web browser
diff --git a/palemoon/debian/mozconfig b/palemoon/debian/mozconfig
index 6513132..445c209 100644
--- a/palemoon/debian/mozconfig
+++ b/palemoon/debian/mozconfig
@@ -50,6 +50,5 @@ ac_add_options --enable-alsa
# primarily for 32-bit but tolerated for 64-bit
ac_add_options --x-libraries=/usr/lib
-# TESTING FOR OBS
# limit to 4 cpus to limit memory usage (approximately 0.75 GiB RAM/thread)
mk_add_options MOZ_MAKE_FLAGS="-j4"
diff --git a/palemoon/debian/mozconfig-unstable b/palemoon/debian/mozconfig-unstable
new file mode 100644
index 0000000..aa04e06
--- /dev/null
+++ b/palemoon/debian/mozconfig-unstable
@@ -0,0 +1,55 @@
+mk_add_options AUTOCLOBBER=1
+export BUILDING_RELEASE=1
+export MC_OFFICIAL=1
+export MOZILLA_OFFICIAL=1
+export MC_PALEMOON=1
+
+#mk_add_options MOZ_OBJDIR=@TOPSRCDIR@/pmbuild
+
+ac_add_options --enable-application=palemoon
+ac_add_options --enable-official-branding
+ac_add_options --enable-official-vendor
+
+# Disable add-ons signing
+# Disable checking that add-ons are signed by the trusted root
+MOZ_ADDON_SIGNING=
+# Disable enforcing that add-ons are signed by the trusted root
+MOZ_REQUIRE_SIGNING=
+
+# Standard
+# Enables
+ac_add_options --enable-av1
+ac_add_options --enable-optimize="-O2 -Wl,--no-keep-memory -Wl,--reduce-memory-overhead"
+ac_add_options --enable-default-toolkit=cairo-gtk2
+ac_add_options --enable-devtools
+ac_add_options --enable-jemalloc
+ac_add_options --with-pthreads
+ac_add_options --enable-strip
+# Disables
+ac_add_options --disable-debug
+ac_add_options --disable-eme
+ac_add_options --disable-gamepad
+ac_add_options --disable-necko-wifi
+ac_add_options --disable-tests
+ac_add_options --disable-updater
+ac_add_options --disable-webrtc
+# Disable temeletry
+export MOZ_TELEMETRY_REPORTING=
+ac_add_options --disable-crashreporter
+ac_add_options --disable-parental-controls
+ac_add_options --disable-accessibility
+
+# Debian style
+ac_add_options --prefix=/usr
+# Devuan style
+ac_add_options --disable-dbus
+ac_add_options --disable-pulseaudio
+# even though this is redundant
+ac_add_options --enable-alsa
+
+# primarily for 32-bit but tolerated for 64-bit
+ac_add_options --x-libraries=/usr/lib
+
+# limit to 4 cpus to limit memory usage (approximately 0.75 GiB RAM/thread)
+# single-threaded for Devuan unstable
+mk_add_options MOZ_MAKE_FLAGS="-j1"
diff --git a/palemoon/debian/palemoon_devuan.dsc b/palemoon/debian/palemoon_devuan.dsc
index 3e314ec..40684b0 100644
--- a/palemoon/debian/palemoon_devuan.dsc
+++ b/palemoon/debian/palemoon_devuan.dsc
@@ -2,11 +2,11 @@ Format: 3.0 (quilt)
Source: palemoon
Binary: palemoon
Architecture: any
-Version: 28.10.0-1+devuan
+Version: 28.11.0-1+devuan
Maintainer: B Stack <bgstack15@gmail.com>
Homepage: http://www.palemoon.org/
Standards-Version: 4.1.4
-Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, lsb-release, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip, zlib1g-dev, libfontconfig-dev
+Build-Depends: debhelper (>= 12), autoconf2.13, libasound2-dev, libdbus-glib-1-dev (>= 0.60), libgconf2-dev (>= 1.2.1), libgtk2.0-dev (>= 2.14), libssl-dev, libx11-xcb-dev, libxt-dev, lsb-release, mesa-common-dev, pkg-config, python (>= 2.7), unzip, yasm (>= 1.1), zip
Package-List:
palemoon deb web optional arch=any
Files:
diff --git a/palemoon/debian/rules b/palemoon/debian/rules
index 5705c90..2efbbcf 100755
--- a/palemoon/debian/rules
+++ b/palemoon/debian/rules
@@ -4,6 +4,7 @@ export SHELL=/bin/bash
## borrowed from stevepusser's logic
## Build with gcc-8 on Buster (beowulf/ceres)
+## If you enable this, then d/control needs lsb-release as a build dependency.
#distrelease := $(shell lsb_release -cs)
#ifeq ($(distrelease),$(filter $(distrelease),buster beowulf/ceres))
#export CC=gcc-8
@@ -12,6 +13,12 @@ export SHELL=/bin/bash
#export LD=gcc-8
#endif
+export MCFILE=debian/mozconfig
+distrelease := $(shell lsb_release -cs)
+ifeq ($(distrelease),$(filter $(distrelease),sid unstable ceres))
+export MCFILE=debian/mozconfig-unstable
+endif
+
%:
dh $@
@@ -21,7 +28,7 @@ override_dh_auto_clean:
find . -name '*.pyc' -delete
override_dh_auto_configure:
- cp debian/mozconfig mozconfig
+ cp ${MCFILE} mozconfig
override_dh_auto_build:
make -f client.mk build
bgstack15